Slackware 10.0 / current : alternate samba package for Slackware 10.0 (SSA:2004-208-01)

2005-07-13T00:00:00
ID SLACKWARE_SSA_2004-208-01.NASL
Type nessus
Reporter Tenable
Modified 2013-06-01T00:00:00

Description

It was pointed out that the new Samba packages for Slackware 10.0 (and -current) have a dependency on libattr.so that wasn't in the previous packages. Since it's not the intent to introduce new requirements in security patches (especially for stable versions), an alternate version of the samba package is being made available that does not require libattr.so. The original samba-3.0.5-i486-1.tgz package for Slackware 10.0 will also remain in the patches directory (at least for now, since it was just referenced in a security advisory and the URL to it should remain working), and because the original package works fine if the xfsprogs package (which contains libattr) is installed. If you're running a full installation or have xfsprogs installed, you do not need to update samba again.

                                        
                                            #
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Slackware Security Advisory 2004-208-01. The text 
# itself is copyright (C) Slackware Linux, Inc.
#

include("compat.inc");

if (description)
{
  script_id(18764);
  script_version("$Revision: 1.11 $");
  script_cvs_date("$Date: 2013/06/01 00:36:12 $");

  script_xref(name:"SSA", value:"2004-208-01");

  script_name(english:"Slackware 10.0 / current : alternate samba package for Slackware 10.0 (SSA:2004-208-01)");
  script_summary(english:"Checks for updated package in /var/log/packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Slackware host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"It was pointed out that the new Samba packages for Slackware 10.0
(and -current) have a dependency on libattr.so that wasn't in the
previous packages. Since it's not the intent to introduce new
requirements in security patches (especially for stable versions), an
alternate version of the samba package is being made available that
does not require libattr.so. The original samba-3.0.5-i486-1.tgz
package for Slackware 10.0 will also remain in the patches directory
(at least for now, since it was just referenced in a security advisory
and the URL to it should remain working), and because the original
package works fine if the xfsprogs package (which contains libattr) is
installed. If you're running a full installation or have xfsprogs
installed, you do not need to update samba again."
  );
  # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2004&m=slackware-security.397947
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?f92d63cc"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected samba package.");
  script_set_attribute(attribute:"risk_factor", value:"High");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:slackware:slackware_linux:samba");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:slackware:slackware_linux:10.0");

  script_set_attribute(attribute:"patch_publication_date", value:"2004/07/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2005/07/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.");
  script_family(english:"Slackware Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/Slackware/release", "Host/Slackware/packages");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("slackware.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Slackware/release")) audit(AUDIT_OS_NOT, "Slackware");
if (!get_kb_item("Host/Slackware/packages")) audit(AUDIT_PACKAGE_LIST_MISSING);


cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Slackware", cpu);


flag = 0;
if (slackware_check(osver:"10.0", pkgname:"samba", pkgver:"3.0.5", pkgarch:"i486", pkgnum:"2")) flag++;

if (slackware_check(osver:"current", pkgname:"samba", pkgver:"3.0.5", pkgarch:"i486", pkgnum:"2")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());
  else security_hole(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");